diff options
author | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-04-27 21:01:24 +0200 |
---|---|---|
committer | Max Kanat-Alexander <mkanat@bugzilla.org> | 2010-04-27 21:01:24 +0200 |
commit | 68af4d3c22ce1cb25793af5fb9f422bbb6ebe80e (patch) | |
tree | 1283a8a34de7cdbf7675aa05514e3289602c34d7 | |
parent | b7fbcf61cf1267564edaf343833fa15f1a806430 (diff) | |
download | bugzilla-68af4d3c22ce1cb25793af5fb9f422bbb6ebe80e.tar.gz bugzilla-68af4d3c22ce1cb25793af5fb9f422bbb6ebe80e.tar.xz |
Bug 561322: Make Bugzilla::DB::_connect and related functions take their
parameters as a hashref, to improve the API and to avoid exposing the
database password on error.
r=mkanat, a=mkanat (module owner)
-rw-r--r-- | Bugzilla/DB.pm | 34 | ||||
-rw-r--r-- | Bugzilla/DB/Mysql.pm | 7 | ||||
-rw-r--r-- | Bugzilla/DB/Oracle.pm | 7 | ||||
-rw-r--r-- | Bugzilla/DB/Pg.pm | 7 |
4 files changed, 36 insertions, 19 deletions
diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm index fc2e05899..e6c29e0b0 100644 --- a/Bugzilla/DB.pm +++ b/Bugzilla/DB.pm @@ -83,22 +83,27 @@ sub connect_shadow { die "Tried to connect to non-existent shadowdb" unless $params->{'shadowdb'}; - my $lc = Bugzilla->localconfig; + # Instead of just passing in a new hashref, we locally modify the + # values of "localconfig", because some drivers access it while + # connecting. + my %connect_params = %{ Bugzilla->localconfig }; + $connect_params{db_host} = $params->{'shadowdbhost'}; + $connect_params{db_name} = $params->{'shadowdb'}; + $connect_params{db_port} = $params->{'shadowdbport'}; + $connect_params{db_sock} = $params->{'shadowdbsock'}; - return _connect($lc->{db_driver}, $params->{"shadowdbhost"}, - $params->{'shadowdb'}, $params->{"shadowdbport"}, - $params->{"shadowdbsock"}, $lc->{db_user}, $lc->{db_pass}); + return _connect(\%connect_params); } sub connect_main { my $lc = Bugzilla->localconfig; - return _connect($lc->{db_driver}, $lc->{db_host}, $lc->{db_name}, $lc->{db_port}, - $lc->{db_sock}, $lc->{db_user}, $lc->{db_pass}); + return _connect(Bugzilla->localconfig); } sub _connect { - my ($driver, $host, $dbname, $port, $sock, $user, $pass) = @_; + my ($params) = @_; + my $driver = $params->{db_driver}; my $pkg_module = DB_MODULE->{lc($driver)}->{db}; # do the actual import @@ -107,7 +112,7 @@ sub _connect { . " localconfig: " . $@); # instantiate the correct DB specific module - my $dbh = $pkg_module->new($user, $pass, $host, $dbname, $port, $sock); + my $dbh = $pkg_module->new($params); return $dbh; } @@ -224,13 +229,14 @@ sub bz_create_database { sub _get_no_db_connection { my ($sql_server) = @_; my $dbh; - my $lc = Bugzilla->localconfig; + my %connect_params = %{ Bugzilla->localconfig }; + $connect_params{db_name} = ''; my $conn_success = eval { - $dbh = _connect($lc->{db_driver}, $lc->{db_host}, '', $lc->{db_port}, - $lc->{db_sock}, $lc->{db_user}, $lc->{db_pass}); + $dbh = _connect(\%connect_params); }; if (!$conn_success) { - my $sql_server = DB_MODULE->{lc($lc->{db_driver})}->{name}; + my $driver = $connect_params{db_driver}; + my $sql_server = DB_MODULE->{lc($driver)}->{name}; # Can't use $dbh->errstr because $dbh is undef. my $error = $DBI::errstr || $@; chomp($error); @@ -1060,7 +1066,9 @@ sub bz_rollback_transaction { ##################################################################### sub db_new { - my ($class, $dsn, $user, $pass, $override_attrs) = @_; + my ($class, $params) = @_; + my ($dsn, $user, $pass, $override_attrs) = + @$params{qw(dsn user pass attrs)}; # set up default attributes used to connect to the database # (may be overridden by DB driver implementations) diff --git a/Bugzilla/DB/Mysql.pm b/Bugzilla/DB/Mysql.pm index 297cf5758..13069a78a 100644 --- a/Bugzilla/DB/Mysql.pm +++ b/Bugzilla/DB/Mysql.pm @@ -61,7 +61,9 @@ use constant MAX_COMMENTS => 50; use base qw(Bugzilla::DB); sub new { - my ($class, $user, $pass, $host, $dbname, $port, $sock) = @_; + my ($class, $params) = @_; + my ($user, $pass, $host, $dbname, $port, $sock) = + @$params{qw(db_user db_pass db_host db_name db_port db_sock)}; # construct the DSN from the parameters we got my $dsn = "dbi:mysql:host=$host;database=$dbname"; @@ -74,7 +76,8 @@ sub new { mysql_auto_reconnect => 1, ); - my $self = $class->db_new($dsn, $user, $pass, \%attrs); + my $self = $class->db_new({ dsn => $dsn, user => $user, + pass => $pass, attrs => \%attrs }); # This makes sure that if the tables are encoded as UTF-8, we # return their data correctly. diff --git a/Bugzilla/DB/Oracle.pm b/Bugzilla/DB/Oracle.pm index 5dd127882..6fa7a9869 100644 --- a/Bugzilla/DB/Oracle.pm +++ b/Bugzilla/DB/Oracle.pm @@ -54,7 +54,9 @@ use constant ISOLATION_LEVEL => 'READ COMMITTED'; use constant BLOB_TYPE => { ora_type => ORA_BLOB }; sub new { - my ($class, $user, $pass, $host, $dbname, $port) = @_; + my ($class, $params) = @_; + my ($user, $pass, $host, $dbname, $port) = + @$params{qw(db_user db_pass db_host db_name db_port)}; # You can never connect to Oracle without a DB name, # and there is no default DB. @@ -70,7 +72,8 @@ sub new { LongReadLen => ( Bugzilla->params->{'maxattachmentsize'} || 1000 ) * 1024, }; - my $self = $class->db_new($dsn, $user, $pass, $attrs); + my $self = $class->db_new({ dsn => $dsn, user => $user, + pass => $pass, attrs => $attrs }); # Needed by TheSchwartz $self->{private_bz_dsn} = $dsn; diff --git a/Bugzilla/DB/Pg.pm b/Bugzilla/DB/Pg.pm index b31d186bb..c85c1d710 100644 --- a/Bugzilla/DB/Pg.pm +++ b/Bugzilla/DB/Pg.pm @@ -52,7 +52,9 @@ use base qw(Bugzilla::DB); use constant BLOB_TYPE => { pg_type => DBD::Pg::PG_BYTEA }; sub new { - my ($class, $user, $pass, $host, $dbname, $port) = @_; + my ($class, $params) = @_; + my ($user, $pass, $host, $dbname, $port) = + @$params{qw(db_user db_pass db_host db_name db_port)}; # The default database name for PostgreSQL. We have # to connect to SOME database, even if we have @@ -70,7 +72,8 @@ sub new { my $attrs = { pg_enable_utf8 => Bugzilla->params->{'utf8'} }; - my $self = $class->db_new($dsn, $user, $pass, $attrs); + my $self = $class->db_new({ dsn => $dsn, user => $user, + pass => $pass, attrs => $attrs }); # all class local variables stored in DBI derived class needs to have # a prefix 'private_'. See DBI documentation. |